Layer One

Uplink

There is a CAT6 cable running straight up out of the Guild machine room, along the rafters and back down into the UCC machine room, terminated on a block on the North machine room wall.

In addition, there is a long piece of CAT5 (that was previously the primary uplink!) running through the walls from the machine room to the Guild machine room in Cameron Hall (across from UWAnime). If you're looking for where the cable runs, it's possibly disguised as a network outlet cable in one of the other student clubrooms.

In the Guild machine room is a Cisco 3508XL called sesame Cisco 4507 called lard but in DNS as sesame. This connects to the CAT5/CAT6 above and to single mode fibre, which runs into an ITS managed distribution switch located in the Science library and is imaginatively titled science-dr-01.

These are all labeled and in the rack. There is also a patch panel for the clubroom wall-ports at the bottom of the right-most rack beneath Bitumen.

Clubroom

There is CAT5 cabling run from a patch panel at the bottom of the rack to a number of wall ports throughout the room. Where not enough wall-ports are available, there are small 5-port unmanaged switches used to attach more devices to the network.

172.26.42.0/24 is for 'untrusted client machines' and is allocated to us by UWA and routed to us via VLAN 13. There is some history here, but these addresses are not routed outside the Uni. This subnet may be NATted to public IPs for external access.

Currently unused.

Addressing scheme

Most of UCC's subnets use DHCP to assign addresses based on MAC address. Further details can be found at Network/Services#DHCP.

Routing and Firewall

Murasoi, the Linux router, is a beast of burden. See Network/Firewall for further information on the way it operates.

IPv6

UCC has 2405:3C00:5200:100::/58 (which is :100:: to :13f:: inclusive).

(This is unusually small. RFC-6177 recommends that small end sites - such as a home user with devices in the "dozens or less" - should be allocated a /56 range.)

This is advertised by radvd on Murasoi which most machines autoconfigure from, however some machines have statically assigned addresses. There is an IPv6 firewall that matches our IPv4 firewall very closely. IPv6 traffic is free.

Many machine room systems have IPv6 address, which are statically assigned. These are available in DNS using the ipv6.ucc zone (e.g. martello.ipv6.ucc.asn.au), and usually in the main DNS entry. There is no reverse DNS delegation at this stage, so reverse DNS is UCC-only.

Mooneye's DNS record doesn't have an AAAA record, because we are scared of this breaking Things(tm).

2405:3c00:5200:9100::/64 VUCC "Virtual UCC" IP range (note: not technically owned by UCC and hence not routable from the Internet)

Multicast

UWA runs multicast in sparse PIM mode, and Murasoi runs pimd as noted here. Make sure pimd is only listening once per interface, otherwise things won't work quite right. Multicast traffic is also free.

Higher Layers

HTTP goes through mussel or mooneye. HTTPS is served by mussel on secure.ucc.asn.au, however IMAPS, POPS and SMTPS are NATted by Murasoi to go to Motsugo, for the historical reason that UCC could only afford one SSL certificate. Nowadays, UCC uses LetsEncrypt for everything (including secure.ucc.asn.au) and this is no longer necessary.

There are a number of VPN servers running on Murasoi, though SSH tends to be the most reliable protocol for tunneling about UWA.